<?php
// Session-cookie attributes, cross-origin response headers and session start.
// The setup runs inside an immediately-invoked closure so its helper variables
// do not leak into the scope of whichever script includes this file.
(static function (): void {
    // Cookie attributes are configured before session_start() emits the cookie.
    //  - SameSite=None: the browser attaches the session cookie to cross-site
    //    requests as well (presumably needed because the app is framed by or
    //    called from https://chat.jiil.top; confirm against the deployment).
    //    SameSite therefore provides no CSRF protection here, and CORS only
    //    limits who may *read* a response, not who may *send* a request.
    //    NOTE(review): no CSRF token or Origin check is visible in this file;
    //    verify that state-changing endpoints have one.
    //  - Secure: HTTPS only; browsers reject SameSite=None cookies without it.
    //  - HttpOnly: keeps the session id out of reach of document.cookie.
    $cookieDirectives = [
        'session.cookie_samesite' => 'None',
        'session.cookie_secure' => '1',
        'session.cookie_httponly' => '1',
    ];
    foreach ($cookieDirectives as $directive => $setting) {
        ini_set($directive, $setting);
    }

    // Cross-origin headers (apply globally to every response that runs this file).
    $responseHeaders = [
        // A single fixed origin, never "*" and never a reflected Origin header:
        // with Allow-Credentials: true, scripts on this origin can read
        // authenticated responses, so the allow-list must stay this narrow.
        "Access-Control-Allow-Origin: https://chat.jiil.top",
        "Access-Control-Allow-Credentials: true",
        // frame-ancestors is the control current browsers enforce against
        // clickjacking: only this site and the chat origin may frame the page.
        "Content-Security-Policy: frame-ancestors 'self' https://chat.jiil.top",
        // ALLOW-FROM is obsolete; current browsers ignore an X-Frame-Options
        // header carrying it. This is at best a fallback for legacy browsers.
        "X-Frame-Options: ALLOW-FROM https://chat.jiil.top",
    ];
    foreach ($responseHeaders as $headerLine) {
        header($headerLine);
    }

    // Make sure a session is running; skip if the including script already
    // started one.
    if (session_status() !== PHP_SESSION_NONE) {
        return;
    }
    session_start();
})();

// Load the security headers file.
// NOTE(review): header() replaces an earlier header of the same name by default,
// so if headers.php also sets Content-Security-Policy or X-Frame-Options its
// values override the ones above. Confirm the combined result on a live response.
require __DIR__ . '/headers.php';